[pptp-server] More: LCP ConfRequest failing (A hint?)

Laurent 'case' Mahieux case at clight.net
Tue Aug 3 09:58:51 CDT 1999 

  Browsing thru the FAQ & Mail archive, I found multiple instances of the
problem; and seemingly no definitive answer.

  I don't have one, though I believe this is a help.

  BTW, I'm not on the list, so if you intend me to read an answer, plz CC me.

Problem basically looks like this on server:
Aug  3 14:06:28 finet0 pptpd[8742]: CTRL: Client 194.149.90.201 control connection started
Aug  3 14:06:28 finet0 pptpd[8742]: CTRL: Starting call (launching pppd, opening GRE)
Aug  3 14:06:28 finet0 pppd[8743]: pppd 2.3.5 started by root, uid 0
Aug  3 14:06:28 finet0 pppd[8743]: Using interface ppp0
Aug  3 14:06:28 finet0 pppd[8743]: Connect: ppp0 <--> /dev/ttyp0
Aug  3 14:06:28 finet0 pppd[8743]: Warning - secret file /etc/ppp/pap-secrets has world and/or group access
Aug  3 14:06:28 finet0 pppd[8743]: sent [LCP ConfReq id=0x1 <auth chap 05> <magic 0xfb5e95ef> <pcomp> <accomp>]
Aug  3 14:06:55 finet0 last message repeated 9 times
Aug  3 14:06:58 finet0 pptpd[8742]: GRE: read(fd=4,buffer=804cffc,len=8196) from PTY failed: status = -1 error = Input/output error
Aug  3 14:06:58 finet0 pptpd[8742]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
Aug  3 14:06:58 finet0 pptpd[8742]: CTRL: Client 194.149.90.201 control connection finished
Aug  3 14:06:58 finet0 pppd[8743]: LCP: timeout sending Config-Requests
Aug  3 14:06:58 finet0 pppd[8743]: Connection terminated.
Aug  3 14:06:58 finet0 pppd[8743]: Exit.

On the client (Win98) it fails during the username/password authentification

I traced this to going thru a firewall (two actually).

I went from the follownig setup:

   ISP RAS (194.xx.xx.xx) ---> Firewall (195.xx.xx.xx) --> NAT (10.xx.xx.xx) server

To this setup:

   (195.xx.xx.xx) Local RAS --> NAT (10.xx.xx.xx) server

So, basically, I still go thru a NAT firewall between my dial-up access
and the server, but I bypass the first firewall (the one between our provider
and our "real IP class). This works fine.
  The first firewall is setup for basic services (www, mail, ftp...) and
denies everything else.

  I dunno what port/protocol LCP is using, but it's clearly not getting thru.
pptpd protocol is getting thru though.

  It might be interesting to have all port/protocols listed in the FAQ for
every step of the connection.
  
  Now everything seems to be working great :-)

  I hope this can be usefull.

  Regards,
    Laurent.

-- 
+------------------------------------------------------+----------------+
|case at clight.net    URL http://spring.clight.fr/~case/ | ** GO LINUX ** |
+------------------------------------------------------+----------------+
|                   Life's not fair                    |   My opinions  |
|            But the root password helps               | are my very own|
+------------------------------------------------------+----------------+

More information about the pptp-server mailing list